1. Technical Field
The present invention relates generally to technology for providing a browser process based on respective access privileges. More particularly, the present invention relates to a method for providing a browser using browser processes separated based on access privileges and an apparatus using the method, in which access privileges are granted to respective webpages based on a variable degree of reliability, and each webpage may access the resources of a terminal using a browser process that matches the access privileges granted to the webpage.
2. Description of the Related Art
When a user requests a browsing application (hereinafter, browser) to connect to a certain webpage, it is necessary to interpret the corresponding webpage and decode images so as to be displayed on the screen. This work is called rendering. A rendering engine, such as Blink or WebKit, is a software module for providing functions that are required for rendering, and is a main component of a browser.
The latest browsers, such as Chrome and Safari, have a multi-process architecture in order to enable a user to concurrently connect to multiple webpages. Specifically, each webpage is processed and displayed on a different tab, and to this end, a browser may create multiple tabs at the same time and allocate a process for processing the webpage on each of the tabs. Here, the process for processing a webpage on each tab is called a renderer process.
A renderer process performs all operations that are necessary for rendering a webpage, such as parsing Hyper Text Markup Language (HTML) documents and Cascading Style Sheet (CSS) documents, parsing and executing JavaScript, decoding images, and the like. Meanwhile, multiple renderer processes share a single browser process, and this browser process provides functions such as downloading of resources over networks and services that include a history of visited websites, cookies, clipboards, and the like.
However, a browser configured with multiple renderer processes and a single browser process may be weak in security. For example, if a browser concurrently connects to both a webpage having sensitive information and a webpage that may spread malicious code, a single browser process may manage all of the information from the different webpages. In this case, if a hacker gains a privilege for controlling the renderer process and browser process for processing the webpage through the webpage vulnerable to attacks, the sensitive information may be leaked.
These days, not only banking operations and company business but also services such as cloud services and social networking services are provided through web browsers. Because these operations and services handle sensitive information such as authentication information, if such information is leaked, the damage may be very serious.
Currently, a method by which web attacks such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) are prevented is actively being researched. However, in order to resolve the above-mentioned problems, it is also necessary to research and develop technology for enhancing the security of a web browser itself.
In connection with this, Korean Patent Application Publication No. 10-2011-0125698, discloses a technology related to “Security providing method and device for execution of mobile web application.”